summaryrefslogtreecommitdiffstats
path: root/recipes-kernel/linux/files/CVE-2016-5696-limiting-of-all-challenge.patch
Commit message (Collapse)AuthorAgeFilesLines
* linux-yocto: Drop patches obsoleted by v4.4.26krogothAdrian Dudau2016-11-231-109/+0
| | | | | | | | Yocto upgraded kernel version to 4.4.26, which includes the CVE fixes maintained here. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* kernel-net: CVE-2016-5696Sona Sarmadi2016-08-301-0/+109
tcp: make challenge acks less predictable net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5696 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=5413f1a526d2d51d7a5768133c90936c017165c6 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=72c2d3bccaba4a0a4de354f9d2d24eccd05bfccf (This a follow-up to "tcp: make challenge acks less predictable) Signen-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-04-28 07:03:00 +0000